CB Insights

MARCH 1, 2022

California-based Secureframe helps companies automate SOC 2, ISO 27001, PCI DSS, and HIPAA compliance processes. Secureframe , a security and compliance software provider, has raised $56M in a Series B round that drew participation from Accomplice, Gradient Ventures, and Soma Capital, among others.

PCI DSS 12

PCI DSS Compliance Security ISOs 12

Payments Source

AUGUST 7, 2018

Lack of preparation for a PCI DSS assessment usually results in unexpected and unnecessary expenses, as well as lost productivity among all parties involved, writes Marc Punzirudu, director of security consulting services at ControlScan.

PCI DSS 72

PCI DSS Audit Assessments Consulting 72

Payments Source

OCTOBER 21, 2019

While doing the bare minimum means that companies avoid receiving hefty non-compliance fines, it doesn’t achieve a great deal more, says FIME's Arnaud Crouzet.

PCI DSS 61

PCI DSS Security Compliance Risk 61

Payments Source

JULY 11, 2018

Even though much of PCI data is stored and maintained on mainframes, many are currently not being evaluated or scanned accurately for PCI DSS compliance, writes Ray Overby, co-founder and president of Key Resources.

PCI DSS 63

PCI DSS Compliance Data Breach Breach 63

The Fintech Times

SEPTEMBER 24, 2024

Many regtech companies obtain ISO certifications to strengthen their GDPR alignment.” “Most modern solutions are designed with compliance in mind, meeting stringent regulatory requirements such as GDPR and PCI DSS.

Privacy 107

Privacy Compliance PCI DSS Rules 107

Stax

MARCH 15, 2024

The primary security standards that payment systems typically adhere to include: Payment Card Industry Data Security Standard (PCI DSS): PCI DSS sets forth requirements for securing payment card data, including encryption, access control, network monitoring, and regular security testing.

Process 88

Process Security PCI DSS Encryption 88

Fintech News

SEPTEMBER 9, 2024

He says Jumio’s solutions are built on a foundation of compliance and security and have achieved key certifications like ISO/IEC 27001:2013, PCI DSS, and SOC2 Type 2, amid regular reviews of its security objectives, risks, and controls to improve processes.

Deepfake 115

Deepfake PCI DSS Verification Financial Inclusion 115

Stax

FEBRUARY 15, 2024

There are two main ways that an ISV can become a payment provider—by adopting the ISO model or the PayFac model. In the ISO model, an ISV partners with a third party that handles merchant account setup, payment processing, risk, and compliance. ISV vs PayFac FAQs Q: What is the difference between PayFac and ISOs?

ISVS 88

ISVS Facilitators ISOs Payment APIs and Integration 88

FICO

NOVEMBER 1, 2016

These requirements are consistent with ISO 27001 standards and leading industry practices. They note that most financial services firms are already complying with Payment Card Industry Data Security (PCI DSS), the Federal Financial Institutions Cybersecurity Assessment Tool, as well as the aforementioned NIST framework.

Cybersecurity 81

Cybersecurity Regulations PCI DSS Data Encryption 81

Fintech Finance

JANUARY 17, 2024

In addition to the EMI licence in the UK, Payhawk holds an EMI license covering the EEA, is a principal member of Visa Europe, is accredited by ICAEW’s Technology Accreditation program, and maintains PCI DSS Level 1, SOC 2, and ISO 27001 certifications.

PCI DSS 52

PCI DSS Accreditation Due Diligence Regulations 52

Fintech Finance

FEBRUARY 29, 2024

These developments build on an advanced, and externally validated, security and compliance framework, with SOC 1 and 2 certifications, as well as PCI DSS Level 1 and ISO 27001.

PCI DSS 52

PCI DSS Accreditation ISOs Credit Cards 52

Clearly Payments

DECEMBER 5, 2023

This comprehensive guide aims to unravel the complexities and distinctions among three primary types of payment processors: Acquirers, Independent Sales Organizations (ISOs), and Aggregators. Collaborating with acquirers, ISOs facilitate the establishment and management of payment processing systems for merchants.

Processors 52

Processors ISOs Payment APIs and Integration Payments 52

Stax

JUNE 6, 2024

Ensure that the AR software complies with security standards like the International Organization for Standardization (ISO), General Data Protection Regulation (GDPR), System and Organization Controls (SOC) reporting, and Payment Card Industry Data Security Standard (PCI DSS).

Accounts 88

Accounts PCI DSS Online and Mobile Banking Automation 88

Clearly Payments

NOVEMBER 13, 2024

BINs were initially established by the International Organization for Standardization (ISO), which set guidelines to ensure that each card-issuing institution has unique identifying numbers. Over time, BINs have become fundamental to payment processing systems worldwide, supporting a wide range of financial transactions.

Process 80

Process Processors Payments Compliance 80

The Fintech Times

SEPTEMBER 5, 2024

Adhering to PCI DSS standards – through encryption, secure authentication, and device security – is crucial for mitigating these risks and ensuring safe transactions.

Financial Crimes 64

Financial Crimes Mitigation Cybersecurity Crime 64

EBizCharge

NOVEMBER 12, 2024

Some examples of this compliance include Payment Card Industry Data Security Standards (PCI DSS) , Know Your Customer (KYC), and Anti-Money Laundering (AML) regulations. Along with knowing how to avoid delays, businesses should understand the distinctions between Independent Sales Organizations (ISOs) and PayFacs.

Underwriting 52

Underwriting ISOs Risk Assessment Processors 52

Ikajo

DECEMBER 18, 2023

Other Fintech solution providers Companies that offer financial technology solutions, such as banks, Independent Sales Organizations (ISOs), Merchant Service Providers (MSPs), and other Fintechs, can diversify their offerings and extend their service spectrum by integrating white-label payment gateways seamlessly branded under their corporate brand.

Payment Gateways 52

Payment Gateways Gateways PCI DSS Payments 52

The Fintech Times

JUNE 13, 2024

Advanced security measures, such as SSL encryption and tokenisation, along with compliance with regulatory standards like PCI DSS, help protect sensitive transaction data and build consumer trust.

Instant Payments 59

Instant Payments Payment APIs and Integration ISO 20022 PCI DSS 59

The Fintech Times

MARCH 6, 2024

Whether it’s safeguarding against PCI DSS compliance requirements, managing risks associated with various types of data, or implementing industry-standard encryption during data processing, storage, and transportation, we approach data sharing with the utmost seriousness.

Digital Payments 64

Digital Payments Innovation Security Issuers 64

The Fintech Times

JULY 20, 2024

This has included using new technology and messaging standards (ISO 20022) to improve performance, data quality and operational efficiency. “In addition, the financial sector needs to continually promote cooperation and adherence to regulatory standards like GDPR and PCI DSS.

Payments 75

Payments Mitigation Regulations ISO 20022 75

Stax

APRIL 18, 2024

Compliance standards include GDPR for data protection, HIPAA for healthcare data privacy, PCI DSS for payment card security, and ISO 27001 for information security management. They can work with compliance experts or third-party consultants to achieve this.

ISVS 88

ISVS Payment APIs and Integration End User On-Demand 88

Ikajo

NOVEMBER 22, 2023

For instance, ISOs, MSPs, embedded finance providers, cryptocurrency payment platforms, and others. Look into their payment fraud prevention measures, including data encryption, anti-fraud filters, and adherence to PCI DSS. This is particularly beneficial for FinTechs specializing in areas beyond payment facilitation.

Facilitators 52

Facilitators Payment APIs and Integration PCI DSS Payments 52

Payment Savvy

MAY 10, 2024

Compliance Plaid adheres to data protection regulations like GDPR and CCPA, as well as financial industry standards such as PCI DSS. Certifications and Policies Plaid offers user control over data sharing, a clear privacy policy, and certifications in recognized security standards like ISO 27001 and ISO 27701.

Payment APIs and Integration 52

Payment APIs and Integration Venmo Privacy Credential 52

PayHawk

APRIL 18, 2023

Independent Sales Organization (ISO) A third-party organization that contracts with payment processors to sell merchant accounts and processing services. PCI DSS Payment Card Industry Data Security Standards, a set of security standards designed to protect payment card data.

Process 52

Process Card Issuer Online and Mobile Banking Issuers 52

Payments Source

SEPTEMBER 16, 2018

Organizations that lack security controls and have experienced a breach can expect auditors, regulators and standards bodies to knock on their doors demanding information, writes Fouad Khalil, head of compliance and SecurityScorecard.

Breach 114

Breach Compliance On-Demand Regulations 114

Payments Source

DECEMBER 27, 2018

Despite what we assume are dedicated efforts to protect customer’s personal information, hackers are finding the loopholes in businesses’ process and technology data protection life cycle. It happened with Target in 2013, the Home Depot in 2014, and many others since, writes Todd Feinman, co-founder and chief product officer of Spirion.

Breach 112

Breach Compliance Process Product 112

Payments Source

AUGUST 2, 2017

Plenty of U.S. merchants still working to complete their migration to EMV now have another high-pressure technology hurdle to worry about: Most are still using a core transaction security protocol set to expire in the next 11 months and if they don’t take appropriate action they’ll be unable to process transactions.

Security 107

Security EMV Transactions Process 107

Payments Source

JANUARY 10, 2019

FIs can free their IT team to focus on more profitable projects, reduce the risk of fines and ease the administrative burden of audits, writes Sean Ventura, chief information security officer at Atmosera.

Compliance 93

Compliance Audit Risk Security 93

Nanonets

AUGUST 21, 2023

Your B2B payment automation software should be compliant with relevant regulations and international standards such as PCI-DSS and ISO 27001, ensuring that your and your partners’ financial data is safe and secure.

Automation 52

Automation B2B Payment APIs and Integration Payments 52

Payments Source

JANUARY 21, 2020

After a decline, fraud has recently spiked. But there are measures companies can take to stay ahead of the crooks, says Nvoicepay's Alyssa Callahan.

Checks 89

Checks PCI DSS ISOs Process 89

Payments Source

MARCH 26, 2018

Driven by big breaches like the Equifax incident, all stakeholders in card payments will have to demonstrate multi-factor authentication, writes Michael Magrath, director of global regulations and standards at VASCO.

Breach 83

Breach Authentication Regulations PCI DSS 83

Payments Source

APRIL 19, 2018

This update will be an immense help to the broader payments industry in the ongoing adoption of cloud computing by organizations subject to PCI compliance obligations, writes Dan Stocker, practice director of commercial services for cloud and technology at Coalfire.

Compliance 81

Compliance Payments Technology PCI DSS 81

Payments Source

JUNE 13, 2018

PCI compliance can take time and is expensive, but it's a vital part of security and there are ways to mitigate the resource challenges, according to Justin Shipe, vice president of information security for CardConnect.

Breach 71

Breach Mitigation Compliance Security 71

Payments Source

MARCH 14, 2018

There is a growing need for professionals who install and support merchant payment systems to be aware of and trained on critical security controls, writes Mauro Lance, chief operating officer of the PCI Security Standards Council.

Breach 70

Breach Payments Security PCI DSS 70

Stax

MAY 6, 2024

Choosing the right payment partner with a solid security track record is crucial for enhancing data security and complying with PCI DSS standards. Learn More What is PCI compliance? Short for Payment Card Industry Data Security Standard, PCI DSS ensures the safe handling of sensitive payment information.

Data Security 88

Data Security PCI DSS ISVS Compliance 88

Fintech Finance

MARCH 25, 2024

Leatherback is FCA Authorised, PCI DSS Compliant, and ISO Certified. Headquartered in London, Leatherback is regulated in the United Kingdom, Nigeria, Ethiopia, Canada, India, Pakistan, Nepal, and Sri Lanka, enabling the platform to effectively serve customers across a wide range of markets.

PCI DSS 52

PCI DSS ISOs SWIFT Verification 52

Finovate

JULY 12, 2024

The technology will enable Affin Bank to process 20%+ more transactions, and enable interoperability among PayNet, RENTAS, and SWIFT using ISO 20022 standards. Middle East and Northern Africa Abu Dhabi-based Pyypl achieved PCI-DSS V4.0 certification this week following news of the company’s partnership with Visa.

ISO 20022 45

ISO 20022 PCI DSS Payments Online and Mobile Banking 45